1 |
I use mysql as a backend for a very busy postfix mail/apache web |
2 |
infrastructure. While the apache setup is really in-house, the mail |
3 |
setup is pretty standard. We serve as a mail host for hundreds of |
4 |
domains using a mysql database to house all of the hosted domains and |
5 |
user accounts (mail is stored in maildirs). Having the accounts stored |
6 |
in the DB allows us to split the mail server tasks across many servers |
7 |
(imap, pop, smtp, virus/spam scans, etc.) can be done on different |
8 |
servers as the database is replicated to them and can be read locally |
9 |
(mail can be passed from system to system which all have a consistent |
10 |
DB). It also eliminates the need for system accounts, which is nice. |
11 |
It was a little tricky to get everything setup and working on it's own, |
12 |
but it has been just the tool for the job. |
13 |
|
14 |
We have been using this setup for several years and it has been very |
15 |
reliable. |
16 |
|
17 |
The master/slave relationship needs to be monitored, but generally runs |
18 |
well if left to it's own devices. |
19 |
|
20 |
Failover works well because we have multiple systems and control |
21 |
failover between them from a nagios monitoring server (this was some |
22 |
cool voodoo but it works really well). |
23 |
|
24 |
We never considered ldap as an alternative so I can't comment on it's |
25 |
performance, but for us, mysql has never been a bottleneck. |
26 |
|
27 |
|
28 |
paul kölle said the following: |
29 |
> Hi all, |
30 |
> |
31 |
> we are in the process setting up a new server (on gentoo) for the usual |
32 |
> web/mail/db stuff with cyrus/postfix/apache/mysql/subversion/... We'd |
33 |
> like to store all accounts in a backend that can be shared by more than |
34 |
> one host and run in an replicated server/slave setup so that one machine |
35 |
> can takeover the service if the other fails. |
36 |
> |
37 |
> I've looked around and it seems there is a general choice of using ldap |
38 |
> or mysql for this. I know LDAP and it's shortcomings quite well (hairy |
39 |
> bdb setup, no transactions) otherwise it should be fine for the job. The |
40 |
> other option is mysql. You can have system accounts through pam and nss |
41 |
> modules, there is a backend for SASL, apache can fetch vhosts from mysql |
42 |
> as well as cyrus and postfix can for mail (if not directly it should |
43 |
> always work with nss/pam). Unfortunately I have no practical experience |
44 |
> with mysql for things like that. I heard about persistent connections, |
45 |
> caches or connections over sockets but haven't tried anything like that |
46 |
> (yet). So I'm really interested in real world experiences... |
47 |
> |
48 |
> Does it work reliably? |
49 |
> Does mysql master/slave work reliably? |
50 |
> How do you handle failover? |
51 |
> How does it performs in comparison to LDAP in terms of bind/fetch/unbind |
52 |
> cycle, is that expensive? |
53 |
> Anything I couldn't ask since I'm sooooooooooooo clueless ;) |
54 |
> |
55 |
> thanks |
56 |
> Paul |
57 |
-- |
58 |
gentoo-server@g.o mailing list |